package org.globus.ogsa.impl.security.authorization;

import java.io.IOException;
import javax.security.auth.Subject;
import javax.xml.rpc.handler.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.globus.gsi.jaas.UserNamePrincipal;
import org.globus.ogsa.ServiceProperties;
import org.globus.ogsa.impl.security.authentication.SecureServicePropertiesHelper;
import org.globus.ogsa.impl.security.util.AuthUtil;
import org.globus.security.gridmap.GridMap;
import org.globus.util.I18n;

/* loaded from: input_file:org/globus/ogsa/impl/security/authorization/GridMapAuthorization.class */
public class GridMapAuthorization implements ServiceAuthorization {
    private static I18n i18n;
    private static Log logger;
    private static GridMapAuthorization authorization;
    static Class class$org$globus$ogsa$impl$security$authorization$GridMapAuthorization;

    public static synchronized GridMapAuthorization getInstance() {
        if (authorization == null) {
            authorization = new GridMapAuthorization();
        }
        return authorization;
    }

    @Override // org.globus.ogsa.impl.security.authorization.ServiceAuthorization
    public void authorize(Subject subject, ServiceProperties serviceProperties, MessageContext messageContext) throws AuthorizationException {
        if (subject == null) {
            throw new IllegalArgumentException(i18n.getMessage("noPeerSubject"));
        }
        if (serviceProperties == null) {
            throw new IllegalArgumentException(i18n.getMessage("noService"));
        }
        GridMap gridMap = SecureServicePropertiesHelper.getGridMap(serviceProperties);
        if (gridMap == null) {
            throw new IllegalStateException(i18n.getMessage("noGridmap"));
        }
        try {
            gridMap.refresh();
            String identity = AuthUtil.getIdentity(subject);
            if (identity == null) {
                logger.error(i18n.getMessage("anonPeer"));
                throw new AuthorizationException(i18n.getMessage("anonPeer"));
            }
            String userID = gridMap.getUserID(identity);
            if (userID == null) {
                logger.error(i18n.getMessage("gridmapAuthFailed", identity));
                throw new AuthorizationException(i18n.getMessage("gridmapAuthFailed", identity));
            }
            if (logger.isInfoEnabled()) {
                logger.info(i18n.getMessage("gridmapAuthSuccess", new Object[]{identity, userID}));
            }
            subject.getPrincipals().add(new UserNamePrincipal(userID));
        } catch (IOException e) {
            logger.error(i18n.getMessage("gridmapRefreshFail"), e);
            throw new AuthorizationException(i18n.getMessage("gridmapRefreshFail"), e);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        Class cls2;
        if (class$org$globus$ogsa$impl$security$authorization$GridMapAuthorization == null) {
            cls = class$("org.globus.ogsa.impl.security.authorization.GridMapAuthorization");
            class$org$globus$ogsa$impl$security$authorization$GridMapAuthorization = cls;
        } else {
            cls = class$org$globus$ogsa$impl$security$authorization$GridMapAuthorization;
        }
        i18n = I18n.getI18n(Authorization.RESOURCE, cls.getClassLoader());
        if (class$org$globus$ogsa$impl$security$authorization$GridMapAuthorization == null) {
            cls2 = class$("org.globus.ogsa.impl.security.authorization.GridMapAuthorization");
            class$org$globus$ogsa$impl$security$authorization$GridMapAuthorization = cls2;
        } else {
            cls2 = class$org$globus$ogsa$impl$security$authorization$GridMapAuthorization;
        }
        logger = LogFactory.getLog(cls2.getName());
    }
}
